On Mon, Aug 31, 2020 at 11:23 AM John Levine via dmarc-discuss < dmarc-discuss@dmarc.org> wrote:
> In article <CAPyMsDiy+k14BJBG-_D= > aoy9o3mw4-uoyo9dh_c3ulpmwnb...@mail.gmail.com> you write: > >-=-=-=-=-=- > >-=-=-=-=-=- > > > >With some of my recent DMARC reports for my domains I've seen comments > >about over riding the p=reject and deciding the mail should be quarantined > >vs rejected because the recipient mailbox provider thought it was > >forwarded. > > > >Would it be useful to add an additional DMARC be expanded to have a > >'p=nomail' value so when a domain that is already publishing "v=spf1 -all" > >and has a 'p=reject' value that it really should be rejected regardless of > >what the recipient domain thinks about a mail being forwarded or not? > > We already have SPF "v=spf1 -all" to say that a domain sends no mail, > and MX 0 . to say that it receives no mail. In general it's not a > great idea to invent multiple ways to say the same thing, or to look > at it another way, if recipients aren't taking the hint from SPF, why > do we think they'd pay attention to a similar hint from DMARC? > Hmm, DMARC is for the header from domain, however, I wonder if folks usually only do the spf lookup on the mail from argument, which may not be aligned and therefore doesn't hit that. Not that an inbound filter couldn't also do an spf lookup on the header from domain... or an mx lookup on the reply to domain for that matter. And then how would this also play with say the Sender: header override draft, would you expect to listen to the SPF for the header from domain saying "no mail" or allow override? Agreed with the general case of "I really mean it" though. Brandon
_______________________________________________ dmarc-discuss mailing list dmarc-discuss@dmarc.org http://www.dmarc.org/mailman/listinfo/dmarc-discuss NOTE: Participating in this list means you agree to the DMARC Note Well terms (http://www.dmarc.org/note_well.html)